Monitoring policies

Ensure a log metric filter and alarm exist for unauthorized API calls

Ensure a log metric filter and alarm exist for management console sign-in without MFA

Ensure a log metric filter and alarm exist for root account use

Ensure a log metric filter and alarm exist for IAM policy changes

Ensure a log metric filter and alarm exist for CloudTrail configuration changes

Ensure a log metric filter and alarm exist for AWS Management console authentication failures

Ensure a log metric filter and alarm exist for disabling or scheduled deletion of customer created CMKs

Ensure a log metric filter and alarm exist for S3 bucket policy changes

Ensure a log metric filter and alarm exist for AWS Config configuration changes

Ensure a log metric filter and alarm exist for Security Group changes

Ensure a log metric filter and alarm exist for changes to NACLs

Ensure a log metric filter and alarm exist for changes to network gateways

Ensure a Log Metric Filter and Alarm Exist for Route Table Changes

Ensure a log metric filter and alarm exist for VPC changes